Computer systems store programs and data in mass storage devices. Unauthorized access to such stored data is a known and increasing threat. The usual method for protecting such stored information is by demanding a username and a password from a user of the computer system thereby avoiding unauthorized access to the data.
Few are aware of that an unauthorized person may gain access to any portion of information stored on a mass storage device without the standard user identification method; an unauthorized person can remove the storage device from the computer (on some systems with external mass storage units, this is extremely easy), insert the storage device into another computer system and read/use the information stored on the mass storage unit and even modify data if wanted (fraud). Theft of mass storage data is a substantial increasing threat.
It is known to secure information by encryption before it is stored on a mass storage media. Encrypted files or data segments must be decrypted before they can be used. When data is written back to the storage unit, the data must be re-encrypted. This process involves extra procedure handling for the user, and is often the reason why such precautions are rarely effective in use.
Most computer operating systems are also constructed to use work files (swap files, temporary files) of information currently processed. Sensitive data can remain available in the work files. Even if the user thinks that the job is done, and data are written encrypted and safe to a disk, a person skilled in the art will be able to extract data and documents from the work files.
Even when these working copies are deleted, they are still recoverable, since deletion normally will only mark an area on the mass storage media as free for use and not erasing the data. To be sure that data is erased, the media has to be written over and over again with random data to be sure that no information is available on the deleted part of the mass storage media. This procedure is storage media sensitive. The example above is typical for a magnetic type of media, and will be different for an electronic/mechanic/optical media; you cannot write too many times back to a flash media, since the writing will shorten the media life time dramatically.
These procedures involve a large amount of computer processing and use of specifically designed software.
Using software encryption programs will expose the allocated encryption keys when they are processed. Unauthorized persons, virus programs, spy programs etc., may use these exposed keys to decrypt stored data.
To avoid some of the mentioned shortcomings above of securing mass storage data, it is known that it is possible to encrypt all stored data on a mass storage device and decrypt all data read from such a mass storage device.
One advantage of this scheme is that all data on a mass storage device is always encrypted. This is achieved by providing a dedicated program to be executed handling the data stream to and from the mass storage device.
The aforementioned program however, cannot be stored encrypted because the computer system must be able to read and start executing the program in order to be able to decrypt information stored on a mass storage device. If all information stored in the mass storage device is to be encrypted, the program must be stored in a second storage device without encrypting the data stored thereon. Another obvious drawback in such a system is the demand for computer resources by the encryption/decryption process, leaving a lot less processor resources for the user of the computer system, and the encryption keys will still be exposed when they are used.
U.S. Pat. No. 5,513,262 (van Rumpt et. Al.), discloses an electronic device for enciphering and deciphering data sent to and from a mass storage device in a computer system by inserting the electronic device in the bus connecting the computer system and the mass storage device.
The connecting bus passes command codes, for example for a hard disk drive controller. The commands will be recognized by the electronic device and it will let pass the commands unchanged, while data is enciphered/deciphered on the fly when they passes the bus to and from the mass storage device through the electronic device.
Enciphering/deciphering are achieved by applying encryption/decryption algorithms (DES) and an encryption/decryption key on the data stream passing through the electronic device. The disclosure does however, not teach how to get the key into the enciphering/deciphering device in a safe manner.
One possible solution is a key hard coded into the unit, but a replaceable key is more attractive, if for example a used key accidentally is disclosed. The manufacture of the encryption/decryption device must also keep track of all used codes, if for example a used electronic device collapses, it must be replaced to gain access to the stored data. Therefore there must exist an index linking hard coded keys to specific devices, which in itself represents a security risk.
Replacing the key would imply transferring the key from a computer system to the electronic device over the interconnecting bus between the computer and the mass storage device, which means involving the central processor unit in the computer system. Malicious software, planted in the computer system, such as a virus, worm or Trojan code, may hijack the key when transferred and the encryption may be compromised.
UK patent application number GB 2,264,374 (Nolan) discloses another device to be inserted between a host computer and a mass storage device. Data flows between several data buffers, which may be acceptable for a low speed tape recording system, but the structure of the device cannot serve a modern high-speed hard disk drive. Moreover, the encryption/decryption depends on the data block organisation in the storage, which make the encryption/decryption device computer system dependent. However, the patent discloses a separate terminal where an operator can enter encryption/decryption keys directly to the encryption/decryption device without involving the central processing unit in the computer system. Even when using a separate channel supplying keys from a separate key storage media, like a smart card, the data stream may be compromised and/or manipulated.
One major drawback in the prior art is that all methods known so far utilise one algorithm and one key for the whole content on the storage media. Equal data sets will be encrypted with the same pattern that can be used to crack the key and the encryption method used. A simple example illustrating this scenario would be that the English word “is” would be encrypted to for example “ce”. By recognising that “is” is a very frequent phrase in an English text, and that this two-letter combination quite often is the second phrase in a sentence, this observation and pattern may help to crack the code that is used.